Does the mass replication of an exploit really constitute a
supercomputer? Has it reached the point where a computing environment
capable of supporting programs is created or is it simply a mechanism
of attack controlled by a human operator?
Andy
On 01/09/07, Jim Lux <James.P.Lux at jpl.nasa.gov> wrote:
> At 06:23 AM 9/1/2007, Robert G. Brown wrote:
> >On Fri, 31 Aug 2007, Jim Lux wrote:
> >
> >Similarly lots of other problems become tractable to a brute force
> >search algorithm when you can dispose of order of 20 petaclocks worth
> >of cycles. (Am I multiplying that out right? 10^7 times 2x10^9 =
> >2x10^16, 9 is giga, 12 is tera, 15 is peta. Yup. Petacycles.). Brute
> >force searches require minimal IPCs, although I'm sure there are
> >interesting problems associated with IPCs and data harvesting when it
> >has to be done in "stealth" mode and not lead investigators back to you
> >and when you need to make it robust against nodes dropping out (being
> >cleaned by their owners) and popping back in (as yet another virus
> >propagates).
>
> There is a fair amount of literature on such communications problems.
> For instance, the classic Byzantine Generals problem deals with how
> to reliably communicate through (potentially deliberately) unreliable
> channels. And if the seamier side of the internet isn't byzantine, what is?
>
> >Then there is denial of service. Everybody knows that this is an
> >attack, but few recognize its potential terror value. Just remember the
> >>>cost<< of some of the countdown viruses of years past. Some of them
> >literally shut down the Internet for close to a day -- clogging all the
> >main arteries and switch points until hosts were run down one at a time
> >and isolated by their hosting ISPs. The cost of those incidents in real
> >dollars, lost productivity, and human misery was easily a billion
> >dollars each (I read estimates that were much higher, but I don't want
> >to be hyperbolic so let's stay conservative here).
>
> When speaking or writing of world domination, a bit of hyperbole is
> called for, no?
>
> > A bot-cloud attack
> >could be far more costly and last far, far longer, in part because if it
> >were well-designed it could shape-shift every five minutes and vary e.g.
> >IP number, signature, target. It could also turn on and off at random
> >times to make it very difficult to track each bot back to its infected
> >host. If it times itself to take advantage of one of those two-month
> >long window vulnerabilities (yes, a lot of them last for PLENTY of time
> >for this to be feasible) so that it can essentially instantly re-infect
> >a wide class of hosts at will as they are cleansed, it could force the
> >shutdown of nearly every Windows system in the world until it is
> >hand-cleaned and patched -- the Internet itself would be useless in
> >fixing the problem. The cost of such a complete attack would be
> >staggering -- banking, commerce, education, defense -- all at a
> >standstill. It would probably trigger a full depression (led of course
> >by the complete collapse of Microsoft as the full cost of its appalling
> >and perpetual vulnerability is finally laid bare).
>
> I'm sure we'll have plenty of time to discuss this through the
> chainlink walls of our future accommodation at points south. I hope
> hurricane season is over by then.
>
> >Truthfully, I've been waiting for foreign terror powers to figure this
> >one out and attempt such an attack, but so far we've been lucky. Bot
> >driven attacks on individual systems of course happen all the time --
> >check out the logs of pretty much any server and count the number of
> >times per day some system in Korea or South America or God Knows Where
> >tries to probe its way down your ssh ports and standard accounts in
> >search of an idiot who left in a default password (or put a stupid
> >password or root). These folks aren't looking for fun, they're looking
> >for money.
>
> And that's the problem. Say you have the ultimate DoS machine. It's
> not feasible to call up, say, Bank of America and tell them: send us
> X million or we shut down your consumer website (or your intranet, or
> whatever). First, you have the classic ransom pickup problem. It's
> pretty straightforward to move <$100K without leaving too much of a
> trail, much tougher to do it with $100M, unless the recipient has a
> substantial investment and preparation, which is hard to do on a "low
> budget" sort of scale. And it's tough to move from the $10K to the
> $10M bracket without travelling through the $100K-$1M zone without
> attracting a lot of attention. Second, if you ask for huge sums from
> one victim, they're going to have a big incentive to not pay. So
> you're back to the how to extort smallish sums from lots of victims
> and get it collected. That's a bigger administrative headache than
> running the botnet.
> their own.
>
> <rgb's description of the immense expense and effort dealing with
> this kind of thing>
>
> So, it seems that while the SuperBotNet is amazingly effective as a
> device for forcing millions of dollars of extra sysadmin time in
> terms of keeping up with the continuous and pervasive annoyances,
> it's not particularly profitable for its operator. In the lingo:
> they haven't figured out how to monetize the botnet.
>
> It's more like one of those James Bond novels where Blofeld creates a
> virus that will decimate the world's population of chickens. Unlike
> in the novel, though, there's no way to collect the ransom.
>
> _______________________________________________
> Beowulf mailing list, Beowulf at beowulf.org
> To change your subscription (digest mode or unsubscribe) visit http://www.beowulf.org/mailman/listinfo/beowulf